Internet security is important, but with the introduction of “smart” mobile devices, another aspect of our identities become susceptible to additional security threats and vulnerabilities. In this day and age, criminals no longer need to have physical access to your belongings or devices to obtain sensitive information or confidential data; everything can be done easily and remotely.
Smartphones and other mobile devices have opened up a whole new world of possibilities in terms of data management, but as the following infographic points out, mobile devices are inherently insecure. Yet many people are not even aware of the flaws in mobile security. Recently, it was discovered that a security flaw in the 3G network allowed anyone with a rooted femtocell device to track your phone:
In one instance, the attacker could force mobile devices to reveal its Temporary Mobile Subscriber Identity (TMSI), assuming the attacker knows the International Mobile Subscriber Identity (IMSI).
In another instance, the attacker could sniff a valid Authentication and Key Agreement (AKA) request from a targeted device, then send the same request to all phones in range. This would cause all devices except the target to respond with synchronization failures, thus distinguishing the desired device.
That could, for example, allow an attacker to track your movements within a building.
Not only can people have access to your private information, but people are able to track your location and movements without your authentication — how scary is that?
The trouble with the increased number of smartphone users is that not all of these users are security-smart. Many people discard security for increased conveniences, i.e. not reading the information that pops up before an app is installed on your phone. Recently, I tried to install an application, and almost didn’t notice that approving it on my phone would give it permissions to track my location, internet search terms, who I call, the messages I send, and allow it to modify my phone data. And to think that I almost approved the application without reading the information?
Check out this infographic for more information on mobile security and why it matters: